__security_init_cookie
Other versions of this page are also available for the following:
.gif "A hyphen indicates that the information in this topic is not relevant for this platform, or that the platform does not support the API that is listed.")
.gif "A checkmark indicates that the information in this topic is relevant for this platform, and that any API listed is also supported on this platform.")
8/27/2008
Initializes the global security cookie.
Syntax
void __security_init_cookie(void);
Remarks
The global security cookie is used for buffer overrun protection in code compiled with /GS - Enable Security Checks, and in code that uses exception handling. Essentially, on entry to an overrun-protected function, the cookie is put on the stack, and on exit, the value on the stack is compared against the global cookie. Any difference between them indicates that a buffer overrun has occurred and results in immediate termination of the program.
Normally, __security_init_cookie is called by the CRT when it starts up. If you bypass CRT initialization (for example, by writing a DLL and specifying an entry-point with the /ENTRY linker option), then you must call __security_init_cookie yourself.
For more information about entry points, see CRT Entry Points.
The call to __security_init_cookie must be made before any overrun-protected function is entered; otherwise a spurious buffer overrun will be detected. Any function compiled with the /GS switch and containing a local buffer or exception handling (SEH or C++ EH) is a candidate for overrun protection.
If your entry point function does not require overrun protection, call __security_init_cookie at the beginning of that function. If the entry point function does require protection, create an entry point wrapper function to call __security_init_cookie, followed by your original entry point.
The following example demonstrates a correct way to call __security_init_cookie:
// Correct way to call __security_init_cookieDllEntryPoint(...) { __security_init_cookie(); DllEntryHelper();}// Ensure that the original entry point is not inlined__declspec(noinline)void DllEntryHelper() { ... __try { ... } __except()... { ... }}
Requirements
| Header | stdlib.h |
| Library | corelibc.lib |
| Windows Embedded CE | Windows Embedded CE 6.0 and later |
See Also
Reference
Concepts
CRT Entry Points
Linking to the CRT